Network Working Group F. Templin
Internet-Draft Nokia
Expires: August 4, 2004 T. Gleeson
Cisco Systems K.K.
M. Talwar
D. Thaler
Microsoft Corporation
February 4, 2004
Internet/Site Automatic Tunnel Addressing Protocol (ISATAP)draft-ietf-ngtrans-isatap-18.txt
Status of this Memo
This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 4, 2004.
Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract
The Internet/Site Automatic Tunnel Addressing Protocol (ISATAP)
connects IPv6 hosts/routers over IPv4 networks. ISATAP views the IPv4
network as a link layer for IPv6 and views other nodes on the network
as potential IPv6 hosts/routers. ISATAP supports automatic tunneling
and a tunnel interface management abstraction similar to the Non-
Broadcast, Multiple Access (NBMA) and ATM Permanent/Switched Virtual
Circuit (PVC/SVC) models.
Templin, et al. Expires August 4, 2004 [Page 1]

Internet-Draft ISATAP February 20041. Introduction
This document specifies a simple mechanism called the Internet/Site
Automatic Tunnel Addressing Protocol (ISATAP) that connects IPv6
[RFC2460] hosts/routers over IPv4 [STD0005] networks. Dual-stack
(IPv6/IPv4) nodes use ISATAP to automatically tunnel IPv6 packets in
IPv4, i.e., ISATAP views the IPv4 network as a link layer for IPv6
and views other nodes on the network as potential IPv6 hosts/routers.
ISATAP enables automatic tunneling whether global or private IPv4
addresses are used, and supports a tunnel interface management
abstraction similar to the Non-Broadcast, Multiple Access (NBMA)
[RFC2491] and ATM Permanent/Switched Virtual Circuit (PVC/SVC)
[RFC2492] models.
The main objectives of this document are to: 1) describe the ISATAP
conceptual model, 2) specify addressing requirements, 3) discuss
configuration and management requirements, 4) specify automatic
tunneling using ISATAP, 5) specify operational aspects of IPv6
Neighbor Discovery, and 6) discuss IANA and Security considerations.
This document surveys all IETF v6ops WG documents current up to
February 4, 2004.
2. Requirements
The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this
document, are to be interpreted as described in [BCP0014].
3. Terminology
The terminology of [STD0003][RFC2460][RFC2461][RFC3582] applies to
this document. The following additional terms are defined:
ISATAP node:
a node that implements the specifications in this document.
ISATAP daemon:
an ISATAP node's server application that uses an ISATAP driver API
for control plane signaling and tunnel interface
configuration/management.
Templin, et al. Expires August 4, 2004 [Page 3]

Internet-Draft ISATAP February 2004
ISATAP driver:
an ISATAP node's network driver module that provides an API for
control plane signaling and tunnel interface configuration/
management. Also provides an engine for tunneled packet
encapsulation, decapsulation and forwarding.
logical interface:
an IPv6 address or a configured tunnel interface associated with
an ISATAP interface.
ISATAP interface:
an ISATAP node's point-to-multipoint IPv6 interface for automatic
IPv6-in-IPv4 tunneling. Provides a control plane interface for the
ISATAP daemon and a user plane nexus for its associated logical
interfaces.
ISATAP interface identifier:
an IPv6 interface identifier with an embedded IPv4 address
constructed as specified in section 6.1.
ISATAP address:
an IPv6 unicast address assigned on an ISATAP interface with an
on-link prefix and an ISATAP interface identifier.
locator:
an IPv4 address-to-interface mapping, i.e., a node's IPv4 address
and the index for it's associated interface.
locator set:
a set of locators associated with a tunnel interface, where each
locator in the set belongs to the same site.
4. ISATAP Conceptual Model
ISATAP nodes typically act as a host on some interfaces and as a
router on other interfaces; the distinction between host and router
is made per advertising interface.
ISATAP interfaces provide a point-to-multipoint abstraction for
IPv6-in-IPv4 tunneling. They provide a user plane nexus for tunneling
packets on behalf of their associated logical interfaces. They also
provide a control plane interface for tunnel configuration signaling
between the ISATAP daemon and prospective peers (e.g., via IPv6
Neighbor Discovery messages, DNS queries, etc.).
The ISATAP driver sends tunneled packets via the node's IPv4 stack
according to the sending interface's encapsulation parameters. It
also determines the correct interface to receive each tunneled packet
Templin, et al. Expires August 4, 2004 [Page 4]

Internet-Draft ISATAP February 2004
after decapsulation via a forwarding table lookup.
The ISATAP daemon configures and manages tunnels via an ISATAP driver
API. Each such configured tunnel provides a nexus for multiple
applications using IPv6 addresses as application identifiers. Each
such application identifier provides a nexus for multiple sessions.
In summary, each configured tunnel provides a point-to-point
connection between peers that can support multiple applications and
multiple instances of each application.
5. Node Requirements
ISATAP nodes implement the common functionality required by [NODEREQ]
as well as the additional features specified in this document.
6. Addressing Requirements6.1 ISATAP Interface Identifiers
ISATAP interface identifiers are constructed in Modified EUI-64
format ([ADDR], appendix A). They are formed by concatenating the
24-bit IANA OUI (00-00-5E), the 8-bit hexadecimal value 0xFE, and a
32-bit IPv4 address in network byte order ([AUTH], section 3.4).
The format for ISATAP interface identifiers is given below (where 'u'
is the IEEE univeral/local bit, 'g' is the IEEE group/individual bit,
and the 'm' bits represent the concatenated IPv4 address):
|0 1|1 3|3 4|4 6|
|0 5|6 1|2 7|8 3|
+----------------+----------------+----------------+----------------+
|000000ug00000000|0101111011111110|mmmmmmmmmmmmmmmm|mmmmmmmmmmmmmmmm|
+----------------+----------------+----------------+----------------+
When the IPv4 address is known to be globally unique, the 'u' bit is
set to 1; otherwise, the 'u' bit is set to 0 ([ADDR], section 2.5.1).
See: Appendix D for additional non-normative details.
6.2 ISATAP Addresses
Any IPv6 unicast address ([ADDR], section 2.5) that contains an
ISATAP interface identifier constructed as specified in section 6.1
and an on-link prefix on an ISATAP interface is considered an ISATAP
address.
Templin, et al. Expires August 4, 2004 [Page 5]

Internet-Draft ISATAP February 2004
This document defines no new MIB tables, nor extensions to any
existing MIB tables. Objects found in the MIBs listed above are
supported as described in the following subsections.
7.2 The ifRcvAddressTable
The ISATAP driver maintains ifRcvAddressTable as a bidirectional
association of locators with tunnel interfaces. Each locator in the
table includes a preferred IPv4 address-to-interface mapping (i.e., a
preferred IPv4 ipAddressEntry in the node's ipAddressTable) and a
list of associated tunnel interfaces. Each tunnel interface in the
table has a tunnelIfEntry and a list of associated locators, i.e., a
"locator set".
The ISATAP driver implements the following conceptual functions to
manage and search the ifRcvAddressTable:
7.2.1 RcvTableAdd(locator, tunnel_interface)
Creates a bidirectional association in the ifRcvAddressTable between
the locator and tunnel interface, i.e., adds the locator to the
tunnel interface's locator set and adds the tunnel interface to the
locator's association list.
Returns success or failure.
7.2.2 RcvTableDel(locator, tunnel_interface)
Deletes ifRcvAddressTable entries according to the locator and tunnel
interface calling arguments as follows:
- if both arguments are NULL, garbage-collects the entire table.
- if both arguments are non-NULL, deletes the locator from the
tunnel interface's locator set and deletes the tunnel interface
from the locator's association list.
- if the locator is non-NULL and tunnel interface is NULL, deletes
the locator from the locator sets of all tunnel interfaces.
- if the locator is NULL and the tunnel interface is non-NULL,
deletes the tunnel interface from the association lists of all
locators.
Returns success or failure.
Templin, et al. Expires August 4, 2004 [Page 7]

Internet-Draft ISATAP February 20047.2.3 RcvTableLocate(packet)
Searches the ifRcvAddressTable to locate the correct tunnel interface
to decapsulate a packet. First, determines the locator that matches
the packet's IPv4 destination address and ifIndex for the interface
the packet arrived on. Next, checks each tunnel interface in the
locator's association list for an exact match of tunnelIfEncapsMethod
with the packet's encapsulation type and an exact match of
tunnelIfRemoteInetAddress with the packet's IPv4 source address.
If there is no match on the packet's IPv4 source address, a tunnel
interface with a matching tunnelIfEncapsMethod and with
tunnelIfRemoteInetAddress set to 0.0.0.0 is selected. If there are
multiple matches, a tunnel interface with tunnelIfLocalInetAddress
that matches the packet's IPv4 destination address is preferred.
Returns a pointer to a tunnel interface if a match is found; else
NULL.
7.3 ISATAP Driver API
The ISATAP driver implements an API for calling processes, e.g.,
ISATAP daemons, startup scripts, manual command line entry, kernel
processes, etc. Access MUST be restricted to privileged users and
applications. The API provides primitives for sending/receiving
control plane messages as well as creating, deleting, modifying, and
otherwise managing tunnel interfaces. An example (i.e., non-
normative) API is given in Appendix B.
7.4 ISATAP Interface Creation/Configuration
ISATAP interfaces are created via the tunnelIfConfigTable, which
results in simultaneous creation of a tunnelIfEntry and a companion
ipv6InterfaceEntry. Each ISATAP interface configures a locator set,
where each locator in the set represents an IPv4 address-to-
interface mapping for the same site (or, represents a mapping that is
routable on the global Internet). An ISATAP interface MUST NOT
configure a locator set that spans multiple sites.
ISATAP interfaces configure the following objects in tunnelIfEntry:
- tunnelIfEncapsMethod is set to an IANATunnelType for "isatap".
- tunnelIfLocalInetAddress is set to an IPv4 address from the
interface's locator set.
- tunnelIfRemoteInetAddress is set to 0.0.0.0 to denote wildcard
match for remote tunnel endpoints.
Templin, et al. Expires August 4, 2004 [Page 8]

Internet-Draft ISATAP February 2004
- other read-write objects in the tunnelIfEntry are configured as
for any tunnel interface.
ISATAP interfaces also configure the following objects in
ipv6InterfaceEntry:
- ipv6InterfaceType is set to "tunnel".
- ipv6InterfacePhysicalAddress is set to an octet string of zero
length to indicate that this IPv6 interface does not have a
physical address.
- ipv6InterfaceForwarding and, if necessary, ip6Forwarding for the
node are set to "forwarding".
- other read-write objects in ipv6InterfaceEntry are configured as
for any IPv6 interface.
Finally, an ipv6RouterAdvertEntry for the ISATAP interface is created
in ipv6RouterAdvertTable and its ipv6RouterAdvertIfIndex object is
set to the same value as ipv6InterfaceIfIndex. Other objects in
ipv6RouterAdvertEntry are configured as for any IPv6 router.
7.5 Dynamic Creation of Configured Tunnels
Configured tunnels are normally created by the ISATAP daemon in
dynamic response to a tunnel creation request. Configured tunnel
interfaces are configured as for ISATAP interfaces (see: section7.4), except that tunnelIfRemoteInetAddress is normally set to a
specific IPv4 address for a remote node at the far end of the tunnel,
i.e., configured tunnels are normally configured as point-to-point.
Also, tunnelIfEncapsMethod for the new entry is set to an
IANATunnelType appropriate for the method of encapsulation.
Configured tunnels MAY be "bound" to an ISATAP interface such that
they inherit the ISATAP interface's locator set, e.g., for ease of
management and to avoid misconfigurations.
Configured tunnels MAY also be created as independent entities and
configure their own locator set, but (as for ISATAP interfaces) they
MUST NOT configure a locator set that spans multiple sites.
Templin, et al. Expires August 4, 2004 [Page 9]

Internet-Draft ISATAP February 20047.6 Reconfigurations Due to IPv4 Address Changes
When a locator becomes deprecated (e.g., when an IPv4 address is
removed from an IPv4 interface) the locator SHOULD be removed from
all tunnel interface associations via RcvTableDel(locator, NULL).
Also, all tunnel interfaces that used the deprecated IPv4 address as
tunnelIfLocalInetAddress SHOULD configure a different local IPv4
address from their remaining locator set.
When a new IPv4 address is added to an IPv4 interface, the node MAY
add the corresponding new locator to the locator set for one or more
tunnel interfaces via RcvTableAdd(locator, tunnel_interface), and MAY
set tunnelIfLocalInetAddress for tunnel interfaces referenced by the
updated forwarding entries to the new address.
Methods for triggering the above changes, and for communicating IPv4
address changes to remote nodes, are out of scope.
8. Automatic Tunneling
ISATAP nodes use the basic tunneling mechanisms specified in [MECH].
The following additional specifications are also used:
8.1 Encapsulation
The ISATAP driver encapsulates IPv6 packets in IPv4 using various
encapsulation methods, including ip-protocol-41 (e.g., 6over4
[RFC2529], 6to4 [RFC3056], IPv6-in-IPv4 configured tunnels [MECH],
isatap, etc.), UDP [STD0006] port 3544, and others.
AH [RFC2402] and/or ESP [RFC2406] processing and header compression
for the packet's inner headers are performed prior to encapsulation.
8.1.1 NAT Traversal
Native IPv6 and/or ip-protocol-41 encapsulation provides sufficient
functionality to support peer-to-peer communications when both peers
reside within the same site (i.e., the same enterprise network). When
the remote peer resides within a different site, NAT traversal via
UDP/IPv4 encapsulation MAY be necessary.
When an ISATAP node determines that NAT traversal is necessary to
reach a particular peer, it encapsulates IPv6 packets using UDP/IPv4
encapsulation with a UDP destination port of 3544. This determination
may come through, e.g., first attempting communications via ip-
protocol-41 then failing over to UDP/IPv4 port 3544 encapsulation,
administrative knowledge that a NAT traversal will occur along the
path, etc.
Templin, et al. Expires August 4, 2004 [Page 10]

Internet-Draft ISATAP February 2004
When UDP/IPv4 port 3544 encapsulation is used, the specifications in
this document apply the same as for any form of encapsulation
supported by ISATAP.
8.1.2 Multicast
ISATAP interfaces encapsulate packets with IPv6 multicast destination
addresses using a mapped Organization-Local Scope IPv4 multicast
address ([RFC2529], section 6) as the destination address in the
encapsulating IPv4 header.
8.2 Tunnel MTU and Fragmentation
Encapsulated packets may incur host-based IPv4 fragmentation, e.g.,
when the underlying physical link has a small IPv4 MTU [BCP0048]. In
such cases, host-based IPv4 fragmentation is required to satisfy the
1280 byte IPv6 minimum MTU, and is not considered harmful [FRAG]. On
the other hand, unmitigated IPv4 fragmentation caused by the network
can cause poor performance. For example, since the minimum IPv4
fragment size is only 8 bytes [STD0005], network middleboxes could
shred a 1280 byte tunneled packet into as many as 160 IPv4 fragments.
ISATAP uses the MTU and fragmentation specifications in ([MECH],
section 3.2) and the Maximum Reassembly Unit (MRU) specifications in
([MECH], section 3.6), which provide sufficient measures for avoiding
excessive IPv4 fragmentation in certain controlled environments
(e.g., 3GPP operator networks, enterprise networks, etc). To minimize
IPv4 fragmentation and improve performance in general use case
scenarios, ISATAP nodes SHOULD add the following simple
instrumentation to the IPv4 reassembly cache:
When the initial fragment of an encapsulated packet arrives, the
packet's IPv4 reassembly timer is set to 1 second (i.e., the worst
case store-and-forward delay budget for a 1280 byte packet). If an
encapsulated packet's IPv4 reassembly timer expires:
- If enough contiguous leading bytes of the packet have arrived
(see: section 8.6), reassemble the packet from all fragments
received. (Otherwise, garbage-collect the reassembly buffer and
return from processing.) During reassembly, copy zero-filled or,
heuristically-chosen replacement data bytes in place of any
missing fragments.
- Mark the packet as "INCOMPLETE", and also mark it with a
"TOTAL_BYTES" length that encodes the total number of data bytes
in fragments that arrived.
- Deliver the packet to the ISATAP driver as though reassembly had
Templin, et al. Expires August 4, 2004 [Page 11]

Internet-Draft ISATAP February 2004
succeeded.
- Do not send an ICMPv4 "time exceeded" message [STD0005].
Appendix C provides informative text on the derivation of the 1280
byte IPv6 minimum MTU.
8.3 Handling ICMPv4 Errors
ISATAP interfaces SHOULD process ARP failures and persistent ICMPv4
errors as link-specific information indicating that a path to a
neighbor may have failed ([RFC2461], section 7.3.3).
8.4 Link-Local Addresses
ISATAP interfaces use link local addresses constructed as specified
in section 6.1 of this document.
8.5 Neighbor Discovery over Tunnels
The specification in ([MECH], section 3.8) is used; the additional
specification for neighbor discovery in section 9 of this document
are also used.
8.6 Decapsulation/Filtering
ISATAP nodes typically arrange for the ISATAP driver to receive all
IPv4-encapsulated IPv6 packets that are addressed to one of the
node's IPv4 addresses. Examples include ip-protocol-41 (e.g., 6to4,
6over4, configured tunnels, isatap, etc.), UDP/IPv4 port 3544, and
others. The ISATAP driver uses the decapsulation and filtering
specifications in ([MECH], section 3.6), and processes each packet
according to the following steps:
1. Locate the correct tunnel interface to receive the packet (see:
section 7.2.3). If not found, silently discard the packet and
return from processing.
2. If the tunnel uses header compression, reconstitute headers. If
header reconstitution fails, silently discard the packet and
return from processing.
3. Verify that the packet's IPv4 source address is correct for the
encapsulated IPv6 source address. For packets received on a
configured tunnel interface, verification is exactly as specified
in ([MECH], section 3.6).
Templin, et al. Expires August 4, 2004 [Page 12]

Internet-Draft ISATAP February 2004
For packets received on an ISATAP interface, the IPv4 source
address is correct if:
- the IPv6 source address is an ISATAP address that embeds the
IPv4 source address in its interface identifier, or:
- the IPv6 source address is the address of an IPv6 neighbor on
an ISATAP interface associated with the locator that matched
the packet (see: section 7.2.3), or:
- the IPv4 source address is a member of the Potential Router
List (see: section 9.1).
If the IPv4 source address is incorrect, silently discard the
packet and return from processing.
4. Perform IPv4 ingress filtering (optional; disabled by default)
then decapsulate the packet. If the IPv6 source address is
invalid (see: [MECH], section 3.6), silently discard the packet
and return from processing.
For UDP port 3544 packets received on an ISATAP interface, if the
IPv6 source address is an ISATAP link local address with the 'u'
bit set to 0 and an embedded IPv4 address that does not match the
IPv4 source address (see: section 6), rewrite the IPv6 source
address to inform upper layers of the sender's mapped UDP port
number and IPv4 source address. Specific rules for rewriting the
IPv6 source address are established during ISATAP interface
configuration.
Next, discard encapsulating headers and continue processing the
encapsulated IPv6 packet.
5. Perform ingress filtering on the IPv6 source address (see:
[MECH], section 3.6). Next, determine the correct transport
protocol listener [FLOW] if the packet is destined to the
localhost; otherwise, perform an IPv6 forwarding table lookup and
site border/firewall filtering (see: [UNIQUE], section 6).
If the packet cannot be delivered, the driver SHOULD send an
ICMPv6 Destination Unreachable message ([RFC2463], section 3.2)
to the packet's source. The message SHOULD select as its source
address an IPv6 address from the outgoing interface (if the
packet was destined to the localhost) or an ingress-wise correct
IPv6 address from the interface that would have forwarded the
packet had it not been filtered.
Templin, et al. Expires August 4, 2004 [Page 13]

Internet-Draft ISATAP February 2004
The Code field of the message is set as follows:
- if there is no route to the destination, the Code field is set
to 0 (see: [RFC2463], section 3.1).
- if communication with the destination is administratively
prohibited, the Code field is set to 1 ([RFC2463], section3.1).
- if the packet is destined to the localhost, but the transport
protocol has no listener, the Code field is set to 4
([RFC2463], section 3.1).
- if the packet's destination is beyond the scope of the source
address, the Code field is set to 2 (see: IANA
Considerations).
- if the packet was dropped due to ingress filtering policies,
the Code field is set to 5 (see: IANA Considerations).
- if the packet is dropped due to a reject route, the Code field
is set to 6 (see: IANA Considerations).
- if the packet was received on a point-to-point link and
destined to an address within a subnet assigned to that same
link, or if the reason for the failure to deliver cannot be
mapped to any of the specific conditions listed above, the
Code field is set to 3 ([RFC2463], section 3.2).
After sending the ICMPv6 Destination Unreachable message, discard
the packet and return from processing.
6. If the packet is "INCOMPLETE" (see section 8.2) send an
authenticated, unsolicited Router Advertisement message
([RFC2461], section 6.2.4) to the packet's IPv6 source address
with an MTU option that encodes "TOTAL_BYTES".
7. If the packet was destined to a remote host, forward the packet
and return from processing. Otherwise, apply AH [RFC2402] or ESP
[RFC2406] processing (if necessary), and deliver the decapsulated
packet by placing it in a buffer for upper layers. The buffer may
be, e.g., the IPv6 reassembly cache, an application's mapped data
buffer [RFC3542], etc.
If there is clear evidence that upper layer reassembly has
stalled, an ICMPv6 Packet Too Big message [RFC1981] MAY be sent
to the packet's source address with an MTU value indicating a
size that is likely to incur successful reassembly. Some
Templin, et al. Expires August 4, 2004 [Page 14]

Internet-Draft ISATAP February 2004
PrlRefreshInterval
Time in seconds between successive refreshments of the PRL after
initialization. It SHOULD be no less than 3600 seconds. The
designated value of all 1's (0xffffffff) represents infinity.
Default: 3600 seconds
MinRouterSolicitInterval
Minimum time in seconds between successive solicitations of the
same advertising ISATAP interface. The designated value of all 1's
(0xffffffff) represents infinity.
Default: 900 seconds
9.2.2.2 Potential Router List Initialization
ISATAP nodes provision an ISATAP interface's PRL with IPv4 addresses
discovered via manual configuration, a DNS fully-qualified domain
name (FQDN) [STD0013], a DHCPv4 option, a DHCPv4 vendor-specific
option, or an unspecified alternate method.
FQDNs are established via manual configuration or an unspecified
alternate method. FQDNs are resolved into IPv4 addresses through
lookup in a static host file, querying the DNS service, or an
unspecified alternate method.
When the node provisions an ISATAP interface's PRL with IPv4
addresses, it sets a timer for the interface (e.g.,
PrlRefreshIntervalTimer) to PrlRefreshInterval seconds. The node re-
initializes the PRL as specified above when PrlRefreshIntervalTimer
expires, or when an asynchronous re-initialization event occurs. When
the node re-initializes the PRL, it resets PrlRefreshIntervalTimer to
PrlRefreshInterval seconds.
9.2.2.3 Processing Received Router Advertisements
The ISATAP daemon processes Router Advertisements (RAs) exactly as
specified in ([RFC2461], section 6.3.4). The DHCPv6 specification
[RFC3315] is the stateful mechanism associated with the M and O bits.
When the ISATAP daemon receives a Router Advertisement with an MTU
option from a router at the far end of a tunnel, it records the
advertised MTU value, e.g., in the node's IPv6 routing table. If the
MTU value is less than the MTU of the tunnel interface, the value is
recorded in such a way that the node will perform upper layer
fragmentation (i.e., above the IPv4 link layer) to reduce the size of
the IPv4 encapsulated packets it sends via the router. The recorded
value is aged as for IPv6 path MTU information [RFC1981].
Templin, et al. Expires August 4, 2004 [Page 16]

Internet-Draft ISATAP February 2004
For Router Advertisement messages that include prefix options, Route
information options [DEFLT] and/or non-zero values in the Router
Lifetime, the ISATAP daemon resets TIMER(i) to schedule the next
solicitation event (see: section 9.2.2.4). Let "MIN_LIFETIME" be the
minimum value in the Router Lifetime or the lifetime(s) encoded in
options included in the RA message. Then, TIMER(i) is reset as
follows:
TIMER(i) = MAX((0.5 * MIN_LIFETIME), MinRouterSolicitInterval)
9.2.2.4 Sending Router Solicitations
To the list of events after which RSs may be sent ([RFC2461], section6.3.2), ISATAP interfaces add:
- TIMER(i) for some PRL(i) expires.
Router Solicitations MAY be sent to an ISATAP link-local address that
embeds V4ADDR(i) for some PRL(i) instead of the All-Routers multicast
address.
9.3 Address Resolution and Neighbor Unreachability Detection9.3.1 Address Resolution
The specification in ([RFC2461], section 7.2) is used. ISATAP
addresses for which the neighbor/router's link-layer address cannot
otherwise be determined (e.g., from a neighbor cache entry) are
resolved to link-layer addresses by a static computation, i.e., the
last four octets are treated as an IPv4 address.
Hosts SHOULD perform an initial reachability confirmation by sending
Neighbor Solicitation message(s) and receiving a Neighbor
Advertisement message (NS messages are sent to the target's unicast
address). Routers MAY perform this initial reachability confirmation,
but this might not scale in all environments.
All nodes MUST send solicited Neighbor Advertisements on ISATAP
interfaces ([RFC2461], section 7.2.4).
9.3.2 Neighbor Unreachability Detection
Hosts SHOULD perform Neighbor Unreachability Detection ([RFC2461],
section 7.3). Routers MAY perform neighbor unreachability detection,
but this might not scale in all environments.
Templin, et al. Expires August 4, 2004 [Page 17]

Internet-Draft ISATAP February 200410. Other Requirements for Control Plane Signaling10.1 Domain Name System (DNS)
The specifications in ([MECH], section 2.2) are used. Additional
considerations are found in [DNSOPV6].
10.2 Linklocal Multicast Name Resolution (LLMNR)
ISATAP nodes SHOULD implement Link Local Multicast Name Resolution
[LLMNR], since they will commonly be deployed in environments (e.g.,
home networks, ad-hoc networks, etc.) with no DNS service.
10.3 Node Information Queries
ISATAP nodes MAY implement Node Information Queries as specified in
[NIQUERY], since they may help the querier discover some subset of
the responder's addresses.
11. Security considerations
The security considerations in the normative references apply; also:
- site border routers SHOULD install a black hole route for the IPv6
prefix FC00::/7 to insure that packets with local IPv6 destination
addresses will not be forwarded outside of the site via a default
route.
- administrators MUST ensure that lists of IPv4 addresses
representing the advertising ISATAP interfaces of PRL members are
well maintained.
12. IANA Considerations
The IANA is instructed to specify the format for Modified EUI-64
address construction ([ADDR], Appendix A) in the IANA Ethernet
Address Block. The text in Appendix D of this document is offered as
an example specification.
The current version of the IANA registry for Ether Types can be
accessed at http://www.iana.org/assignments/ethernet-numbers.
The IANA is instructed to assign the new ICMPv6 code field types
found in Appendix E of this document for the ICMPv6 Destination
Unreachable message. The policy for assigning new ICMPv6 code field
types is First Come First Served, as defined in [RFC2434]. The
current version of the IANA registry for ICMPv6 type numbers can be
accessed at http://www.iana.org/assignments/icmpv6-parameters.
Templin, et al. Expires August 4, 2004 [Page 18]

Internet-Draft ISATAP February 200413. IAB Considerations
[RFC3424] ("IAB Considerations for UNilateral Self-Address Fixing
(UNSAF) Across Network Address Translation") section 4 requires that
any proposal supporting NAT traversal must explicitly address the
following considerations:
13.1 Problem Definition
The specific problem being solved is enabling IPv6 connectivity for
ISATAP nodes that are unable to communicate via ip-protocol-41 or
native IPv6.
13.2 Exit Strategy
ISATAP nodes use UDP/IPv4 encapsulation for NAT traversal as a last
resort. As soon as native IPv6 or ip-protocol-41 support becomes
available, ISATAP nodes will naturally cease using UDP/IPv4
encapsulation.
13.3 Brittleness
UDP/IPv4 encapsulation with ISATAP introduces brittleness into the
system in several ways: the discovery process assumes a certain
classification of devices based on their treatment of UDP; the
mappings need to be continuously refreshed, and addressing structure
may cause some hosts located beyond a common NAT to be unreachable
from each other.
ISATAP assumes a certain classification of devices based on their
treatment of UDP. There could be devices that would not fit into one
of these molds, and hence would be improperly classified by ISATAP.
The bindings allocated from the NAT need to be continuously
refreshed. Since the timeouts for these bindings is very
implementation specific, the refresh interval cannot easily be
determined. When the binding is not being actively used to receive
traffic, but to wait for an incoming message, the binding refresh
will needlessly consume network bandwidth.
13.4 Requirements for a Long Term Solution
The devices that implement the IPv4 NAT service should in the future
also become IPv6 routers.
Templin, et al. Expires August 4, 2004 [Page 19]

Internet-Draft ISATAP February 200414. Acknowledgments
The ideas in this document are not original, and the authors
acknowledge the original architects. Portions of this work were
sponsored through SRI International internal projects and government
contracts. Government sponsors include Monica Farah-Stapleton and
Russell Langan (U.S. Army CECOM ASEO), and Dr. Allen Moshfegh (U.S.
Office of Naval Research). SRI International sponsors include Dr.
Mike Frankel, J. Peter Marcotullio, Lou Rodriguez, and Dr. Ambatipudi
Sastry.
The following are acknowledged for providing peer review input: Jim
Bound, Rich Draves, Cyndi Jung, Ambatipudi Sastry, Aaron Schrader,
Ole Troan, Vlad Yasevich.
The following are acknowledged for their significant contributions:
Alain Durand, Hannu Flinck, Jason Goldschmidt, Nathan Lutchansky,
Karen Nielsen, Mohan Parthasarathy, Chirayu Patel, Art Shelest, Pekka
Savola, Margaret Wasserman, Brian Zill.
The authors acknowledge the work of Quang Nguyen on "Virtual
Ethernet" under the guidance of Dr. Lixia Zhang that proposed very
similar ideas to those that appear in this document. This work was
first brought to the authors' attention on September 20, 2002.
IAB considerations are the same as for Teredo.
The following individuals are acknowledged for their helpful insights
on path MTU discovery: Jari Arkko, Iljitsch van Beijnum, Jim Bound,
Ralph Droms, Alain Durand, Jun-ichiro itojun Hagino, Brian Haberman,
Bob Hinden, Christian Huitema, Kevin Lahey, Hakgoo Lee, Matt Mathis,
Jeff Mogul, Erik Nordmark, Soohong Daniel Park, Chirayu Patel,
Michael Richardson, Pekka Savola, Hesham Soliman, Mark Smith, Dave
Thaler, Michael Welzl, Lixia Zhang and the members of the Nokia NRC/
COM Mountain View team.
"...and I'm one step ahead of the shoe shine,
Two steps away from the county line,
Just trying to keep my customers satisfied,
Satisfi-i-ied!" - Paul Simon, 1969
Templin, et al. Expires August 4, 2004 [Page 20]

Internet-Draft ISATAP February 2004
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to pertain
to the implementation or use of the technology described in this
document or the extent to which any license under such rights
might or might not be available; neither does it represent that it has
made any effort to identify any such rights. Information on the IETF's
procedures with respect to rights in standards-track and standards-
related documentation can be found in BCP-11. Copies of claims of rights
made available for publication and any assurances of licenses to be made
available, or the result of an attempt made to obtain a general license
or permission for the use of such proprietary rights by implementors or
users of this specification can be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary rights
which may cover technology that may be required to practice this
standard. Please address the information to the IETF Executive Director.
The IETF has been notified of intellectual property rights claimed in
regard to some or all of the specification contained in this document.
For more information consult the online list of claimed rights.
Full Copyright Statement
Copyright (C) The Internet Society (2004). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are included
on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice
or references to the Internet Society or other Internet organizations,
except as needed for the purpose of developing Internet standards in
which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into
languages other than English.
Templin, et al. Expires August 4, 2004 [Page 30]

Internet-Draft ISATAP February 2004
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assignees. This
document and the information contained herein is provided on an "AS IS"
basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE
DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Templin, et al. Expires August 4, 2004 [Page 31]